Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23667
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
NA
CVE-2024-35635
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a up to and including 5.0.9.
NA
CVE-2024-35638
Cross-Site Request Forgery (CSRF) vulnerability in JumpDEMAND Inc. ActiveDEMAND.This issue affects ActiveDEMAND: from n/a up to and including 0.2.43.
9.8
CVSSv3
CVE-2024-5404
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism.
NA
CVE-2024-35639
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webliberty Simple Spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a up to and including 1.2.
NA
CVE-2024-35637
Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin: from n/a up to and including 4.3.6.
NA
CVE-2023-48789
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 up to and including 6.0.14 allows malicious user to improper access control via crafted HTTP requests.
NA
CVE-2024-23107
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, 6.3 all versions may allow an authenticated malicious user to read password hashes of other administrators via CLI co...
NA
CVE-2024-35640
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit allows Stored XSS.This issue affects Safety Exit: from n/a up to and including 1.7.0.
NA
CVE-2024-36960
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent struct...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »